The Data Recovery Blog by Ontrackhttps://www.krollontrack.com/blog
The official blog of Ontrack Data Recovery by Ontrack.Tue, 13 Feb 2018 20:25:28 +0000en-UShourly1https://wordpress.org/?v=4.8.5https://www.krollontrack.com/blog/wp-content/uploads/sites/7/cropped-kld-icon-32x32.pngThe Data Recovery Blog by Ontrackhttps://www.krollontrack.com/blog
3232TheDataRecoveryBlogByKrollOntrackhttps://feedburner.google.com5 Songs for Erasing Datahttp://feedproxy.google.com/~r/krollontrack/news/~3/U9MCK1ezgYA/
https://www.krollontrack.com/blog/2018/02/13/5-songs-for-erasing-data/#respondTue, 13 Feb 2018 20:25:28 +0000https://www.krollontrack.com/blog/?p=5484How organizations erase data is almost as important as how they store it. Companies spend lots of effort, time, and money painstakingly protecting data throughout its life cycle, but when it comes to end-of-life data and devices, the same level of attention is rarely achieved. While data erasure is a very important topic that your organization should certainly be focusing on as part of your data retention and disposal policies, …Read More]]>

How organizations erase data is almost as important as how they store it. Companies spend lots of effort, time, and money painstakingly protecting data throughout its life cycle, but when it comes to end-of-life data and devices, the same level of attention is rarely achieved.

While data erasure is a very important topic that your organization should certainly be focusing on as part of your data retention and disposal policies, in this post we’ll be taking a step back with a little help from our trusty data storage jukebox.

As is customary when engaging with our satirical data storage music machine, here’s a quick rundown of some essential materials you’ll need when reading this post:

A beverage of choice (we’d recommend a nice strong brew)

Something to snack on (cookies are top of our list)

Somewhere to put your feet up (your desk is preferable, but a strategically built tower of erased hard drives will score you bonus cool points)

Ready? Then let us present to you our top 5 songs for erasing data from storage devices.

1. A Little Respect – Erasure

First up, this 1988 hit from the aptly-named Erasure. Unlike 1988, a time when you felt lucky to have a grand total of 20MB capacity on your Prairie Tek 220, today’s devices store comparatively huge amounts of data, all of which needs erasing properly when it reaches the end of its life.

The repercussions of not erasing data properly can be severe, especially on the financial side when the GDPR arrives. The clue is in the title folks – make sure you give the process of erasing data the respect it deserves to avoid hefty fines and damage to your reputation.

If you think that means simply ‘deleting’ your data, or formatting your device, then think again…

2. I’m Still Standing – Elton John

“And did you think this fool could never win, well look at me, I’m coming back again.”

Let’s hop back five years to 1983 and this hit from Sir Elton. This one is simple; it’s the song that your data is singing very loudly from the rooftops if you think that simply pressing ‘delete’ or formatting your device will safely remove all your data.

To get rid of your data properly you need specialist software and/or hardware to get the job done and quash your data once and for all, so it never comes back again! Trust us – your data can’t sing very well and it’ll only cause problems if you let it.

3. Never Gonna Give You Up – Rick Astley

It seems we can’t get enough of the 80’s, but it’s just as well, as Rick Astley got us thinking – is ‘never gonna give you up’ your company’s attitude to handling data?

After auditing what data your company stores and where (which you should be doing for GDPR compliance anyway), you might find that you’re storing legacy data unnecessarily. Whether it’s on disk or tape, data storage isn’t cheap and it would do your budget/storage space a favor if you were to get rid of everything you don’t need. It’ll also reduce the chances of a data breach should your business suffer a cyber attack. Two birds!

This should all be covered your data retention policy anyway, but speaking of which…

4. Out of Touch – Hall & Oates

Whether this corker from Hall & Oates makes you think of December 1984, wanting to play GTA Vice City, or it just gets you up and dancing, there’s an important message to be taken away here; are your data retention and destruction policies out of touch with your current infrastructure?

Whether it’s a company smartphone, an Exchange server or a C-suite laptop; you need to make sure that your policies are up to date and take into consideration the plethora of devices within the modern organization. If not, best to get a move on before the GDPR arrives and you’re out of time. Each device will need data erasing in a different way, especially when it comes to virtual storage systems.

5. No Surprises – Radiohead

“No alarms and no surprises, please”. When you recycle, resell, or dispose of a storage device, the last thing you want is a nasty surprise later down the line that your data has been resurrected.

To prevent this from happening, pop on this number from the classic 1997 album OK Computer, grab yourself either some software or hardware and erase away, safe in the knowledge that not even a data recovery professional could get your data back. Remember; no trace of data = no surprises!

]]>https://www.krollontrack.com/blog/2018/02/13/5-songs-for-erasing-data/feed/0https://www.krollontrack.com/blog/2018/02/13/5-songs-for-erasing-data/http://feedproxy.google.com/~r/TheDataRecoveryBlogByKrollOntrack/~3/nV8rdWnIaac/How Long do SSDs Really Last?http://feedproxy.google.com/~r/krollontrack/news/~3/H0bApOzbHig/
https://www.krollontrack.com/blog/2018/02/07/how-long-do-ssds-really-last/#respondWed, 07 Feb 2018 20:43:16 +0000https://www.krollontrack.com/blog/?p=5501Until a couple of years ago, many IT administrators and managers were concerned about the risk of losing valuable data because of a sudden failure. That’s why it took manufacturers a long time to convince the public that SSDs are safe to use, even when handling sensitive data. A NAND Flash chip based SSD is a totally different storage media than the traditional hard disk drive which saves its data …Read More]]>

Until a couple of years ago, many IT administrators and managers were concerned about the risk of losing valuable data because of a sudden failure. That’s why it took manufacturers a long time to convince the public that SSDs are safe to use, even when handling sensitive data.

A NAND Flash chip based SSD is a totally different storage media than the traditional hard disk drive which saves its data on a magnetic plate. It consists of an electronic controller and several storage chips. A hybrid drive – also called SSHD – consists of both storage technologies: A normal magnetic hard disk drive as well as storage chips.

The main benefit of electronic chips for storage is that they are much faster than HDD with a spindle inside. That is due to the fact that a normal HDD consists of many mechanical parts and rotating discs. Also the re-positioning of the read/write head takes much more time than just pushing data through electronic interfaces. Additionally, SSDs have a very short access time, which makes them perfect for being used in environments where real time access and transfer is a necessity.

The downside of SSDs with the NAND Flash based chips is that they have a limited life span by default. While normal HDDs can – in theory – last forever (in reality about 1o years max.), SSDs have a built-in “time of death.” To keep it simple: An electric effect results in the fact that data can only be written on a storage cell inside the chips between approximately 3,000 and 100,000 times during its lifetime. After that, the cells “forget” new data. Because of this fact – and to prevent certain cells from getting used all the time while others aren’t – manufacturers use wear-leveling algorithms to distribute data evenly over all cells by the controller. As with HDDs the user can check the current SSD status by using the S.M.A.R.T. analysis tool, which shows the remaining life span of a SSD.

Usually, manufacturers give an estimate with the so-called terabyte(s) written (TBW)– especially when it comes to enterprise SSDs, but also for consumer versions. Because of the fact that by using Wear-Leveling the data will be distributed evenly over all cells, this figure is supposed to tell how much data can be really written in total on all cells inside the storage chips and over the whole life span.

A typical TBW figure for a 250 GB SSD lies between 60 and 150 terabytes written. That means: To get over a guaranteed TBW of 70, a user would have to write 190(!) GB daily over a period of one year (In other words, to fill two thirds of the SSD with new data every day). In a consumer environment this is highly unlikely.

A normal office user writes approximately between 10 and 35 GB on a normal day. Even if one raises this amount up to 40 GB, it means that they could write (and only write) more than almost 5 years until they reach the 70 TBW limit.

The experts from the magazine wrote bits of data on the SSDs using a special tool programmed by one of their experts to both analyze the performance as well as to constantly fill the disks with data.

The outcome of the tests conducted were astonishing: All of the drives tested were able to write more data than what was promised by the producer. Even cheaper drives were able to write more data than promised: The Crucial BX 200 drives were able to write 187 TB and 280 TB – that is more than 2.5 times the figure promised.

One of the Samsung SSD 850 PRO drives achieved a figure of 9.1 petabytes of data written! That’s 60 times the TBW figure Samsung promises on their data sheets. The other Samsung product – the Samsung SSD 750 Evo – was able to write 1.2 petabytes of data, which equals (in theory) to more than 80 years of constant writing. However, the pro models showed why their price is higher: None of them did write less than 2.2 Petabyte of data.

The test clearly proves that the fear of a limited life span is highly exaggerated in most aspects. But there are other threats.

If they last that long, where are the dangers?

Even though these tests clearly shows that SSDs last longer than expected, using this storage medium still poses a serious threat: Recovering data from failed SSDs is still more challenging than HDDs for data recovery service providers because getting access to the device is often difficult. When the SSD controller chip is broken, access to the device and the storage chips is impossible. The solution to this problem is trying to find a functioning controller chip that is identical to the bad one and to remove and exchange it with the identical one to get access. What sounds quite simple is a difficult task in reality. This applies also for trying to access data from faulty storage chips. In many cases data recovery experts like those from Ontrack are able to reset data. In the last few years, Ontrack developed a lot of special tools and processes to master these challenges and have successfully recovered lost data.

Remember: In case of data loss from SSDs, the best idea is to contact a professional data recovery service provider. When it comes to a physical fault, there is no possibility for a user to recover or rescue their data themselves. Also, when the controller or storage chip is malfunctioning, the attempt to recover data with a specialized data recovery software tool is even more dangerous. It can lead to a permanent data loss with no chance of recovering the data ever again.

Picture copyright: Kroll Ontrack GmbH, Böblingen, Germany

]]>https://www.krollontrack.com/blog/2018/02/07/how-long-do-ssds-really-last/feed/0https://www.krollontrack.com/blog/2018/02/07/how-long-do-ssds-really-last/http://feedproxy.google.com/~r/TheDataRecoveryBlogByKrollOntrack/~3/tIOltOgiZKA/What to do in Case of Bitcoin Loss Caused by Hardware Failurehttp://feedproxy.google.com/~r/krollontrack/news/~3/qRtm0uQLv_c/
https://www.krollontrack.com/blog/2018/02/01/what-to-do-in-case-of-a-bitcoin-loss-caused-by-hardware-failure/#respondThu, 01 Feb 2018 21:43:50 +0000https://www.krollontrack.com/blog/?p=5465So called cryptocurrencies, especially Bitcoin, are all over the news. The enormous increase of more than 1000% in value over the last 12 months and then its 50% decline in the last 3 weeks, made headlines all over the world. Many governments officials, both in the western world as well as in Asia, are concerned and have warned private individuals not to participate in the bitcoin “gold rush.” However, even …Read More]]>

So called cryptocurrencies, especially Bitcoin, are all over the news. The enormous increase of more than 1000% in value over the last 12 months and then its 50% decline in the last 3 weeks, made headlines all over the world. Many governments officials, both in the western world as well as in Asia, are concerned and have warned private individuals not to participate in the bitcoin “gold rush.” However, even with these concerns and the decline in value, somebody who has bought or mined bitcoins a couple of years ago has made a lot of money!

This is why many old bitcoin miners and early adopters who wanted to push blockchain technology years ago – and who forgot about having them – are now trying to recover their “money.” Additionally, there have been a lot of cases where computer users have had all kinds of bad luck, like hard drive failures, controller issues, and encryption problems which have lead to bitcoin loss. While in the old days this was just a loss of some play money and worth buying a cheeseburger, we are now talking serious amounts of cash.

One interesting case that was not picked up by media as much as it should have, happened in August 2017. It clearly showed that having a functional backup is even more important for bitcoin holders as it is already necessary for all computer users with their normal data.

In a very exciting and informative post in the special bitcoin subgroup on Reddit, a user detailed the misery he had to endure: His mom´s house burned down with his computer inside. Even though he managed to grab his USB stick with the bitcoin wallet backup, this was – as was the computer with the built-in SSD drive – also hit hard by fire. In his post he stated that the bitcoin wallet saved on the computer stored an amount of 17 BTC. At the time of the loss the bitcoins were worth almost $50,000. Now they’re listed even higher – at around $175,000. Since he and his mom had suffered serious financial loss, he now was requesting help on how to recover his bitcoins.

However, he made a big mistake: All of his bitcoin wallet backups were stored in the burned house nearby the destroyed computer – so they all were damaged by fire – and one of the bitcoin wallet backups was a paper one (which is normally a good idea, but not when your store it in a non fireproof environment). Obviously the paper burned immediately when hit by the flames.

What the Reddit post did not finally answer was if the person was successful in recovering his bitcoins. However, he is definitely not the only one. Crashed hard drives or unintentionally deleting the wallet obviously happen quite often.

So, in instances of bitcoin loss due to hardware problems, the best thing to do is to contact a data recovery service provider immediately. In many cases they are able to recover the wallet as if they would normally recover any other sensitive file.

However, one important piece of information they can not recover – the 12 or 17 word long password that secures and encrypts the wallet. At least this piece of paper should be kept in a secure place like a bank safe. Without this password neither you nor any data recovery expert in the world are able to access the wallet and your bitcoin addresses and private key stored within.

]]>https://www.krollontrack.com/blog/2018/02/01/what-to-do-in-case-of-a-bitcoin-loss-caused-by-hardware-failure/feed/0https://www.krollontrack.com/blog/2018/02/01/what-to-do-in-case-of-a-bitcoin-loss-caused-by-hardware-failure/http://feedproxy.google.com/~r/TheDataRecoveryBlogByKrollOntrack/~3/T5NkxOVj5rM/Always Encrypt your USB Stick when Traveling with Sensitive Informationhttp://feedproxy.google.com/~r/krollontrack/news/~3/VKUVFAxi7ZI/
https://www.krollontrack.com/blog/2018/01/30/always-encrypt-usb-stick-traveling-sensitive-information-2/#respondTue, 30 Jan 2018 21:51:45 +0000https://www.krollontrack.com/blog/?p=5520USB memory sticks have become much smaller, can contain more data, and with USB 3.0, are faster than ever before. But due to their size, USB sticks have a downside: They can be easily lost. My partner recently went on a business trip to the lovely city of Freiburg, Germany, known for its famous churches and the nearby black forest. While having a coffee on the main market square, she …Read More]]>

USB memory sticks have become much smaller, can contain more data, and with USB 3.0, are faster than ever before. But due to their size, USB sticks have a downside: They can be easily lost.

My partner recently went on a business trip to the lovely city of Freiburg, Germany, known for its famous churches and the nearby black forest. While having a coffee on the main market square, she found a USB stick laying on the pavement. She gave it to me to check the content and for the owner of the stick.

Using a secured computer, what I found completely shocked me: It was fully loaded with personal and sensitive material: scans of two different identification cards of a man and a woman, a home loan application, bank statements of the two individuals, salary statements, a credit application, a calculation of the expected pension payments, and tax assessments of the last three years. Additionally, there were lots of detailed documents of two different houses in the Freiburg area regarding future construction and renovation costs. And that’s not all: The stick also contained a folder with more than a dozen software products along with the necessary serial numbers and keys.

Obviously, the owner of the stick – probably a sales representative of real estate firm – wanted to have all the necessary information with them all the time to have it available when necessary.

However, as you can imagine, criminals can use this information to easily steal the owners identity, transfer money, or sell the personal info to others in the darknet – or even worse – to a bad credit classification, which in some cases can take years to repair.

Therefore, storing personal information on an unsecured USB stick is a risky business and should be absolutely avoided!

When traveling with an USB stick, you should also encrypt the device. There are many solutions on the market – even free of charge – which can be used. Often, when purchasing a brand new stick, an encryption solution is already supplied by the manufacturer.

In case your USB does not come with an encryption tool, there are several products available. Among them are:

VeraCrypt . The successor to the well-known (but no longer developed) TrueCrypt, works on Windows, OSX, and Linux. After downloading and installing the program, click on “Create Volume”, select “Encrypt a non-system Partition/Device” and click on “Next.” Under “Select Device,” select your USB stick, enter a password, and your stick should be safe. However, you should perform this procedure before uploading your data, as all data on the stick will be deleted. To access the encrypted data, you also need VeraCrypt. Click on the button “Select Device.” You select the stick, click on “Mount” and enter your password. With “Dismount” you release the stick again.

If you own a Windows PC and have installed an “Ultimate,” “Pro,” or “Enterprise” version, you can also use on-board resources. The well-known Bitlocker encryption tool is included in Windows 7, 8, and 10 (with the exception of the Home version).

To start you must click on the stick in the Windows Explorer with the right mouse button. Under “Properties” you will find the tab “General.” Click on “Advanced,” and activate “Encrypt content to protect data” and confirm with “OK.” You should be advised to back up the data encryption certificate and the key – if lost you will no longer be able to access the data in the directory. Therefore, please click on “Back up now (recommended).” In the dialog “Security,” you can set your password. If it says, “File Encryption is enabled on this computer,” click “Start,” then “Properties” and “System.” Under “Info” you can change the “BitLocker settings” and activate the program. The USB stick is addressed under “Removable Disk – BitLocker To Go.” For more information read this article from Tom’s Guide.

These two are just some of the many products available, but are the most important ones and will do the job without you having to spend a lot of money as they are free of charge.

However, there are quite a few experts who find software encryption is not secure enough. If you too do not trust this type of encryption, you can opt for a USB key with hardware encryption. These options include a small keyboard that allows you to unlock the stick.

Remember: When you lost your decryption or hardware key, there is no way that you (or even data recovery experts) can recover the files stored on the medium. So make sure of the following:

In case you have difficulties getting access to the content on the stick, it might have come to the end of its product life. In this case, it’s better to destroy it. A big hammer and several hits will do the job. However, make sure that nobody can reassemble the included controller and storage chips again. So totally destroying them is absolutely necessary here.

In case you do not want to use the USB stick again with personal information, but for other purposes, make sure that you erase the old files with a proper erasure software solution, like Flash Erase from Blancco, or a similar product. It’s only through proper erasure methods that you can be sure that no one will be able to gather your personal information.

P.S. After I found the address of one of the individuals ID cards in one of the document provided, I returned the USB stick to this original owner and gave them the same advice as I just did here.

Picture copyright: Maik Schwertle / pixelio.de

https://www.pixelio.de/media/701247

]]>https://www.krollontrack.com/blog/2018/01/30/always-encrypt-usb-stick-traveling-sensitive-information-2/feed/0https://www.krollontrack.com/blog/2018/01/30/always-encrypt-usb-stick-traveling-sensitive-information-2/http://feedproxy.google.com/~r/TheDataRecoveryBlogByKrollOntrack/~3/WqIzKX-Pdqo/How to Protect your Bitcoinhttp://feedproxy.google.com/~r/krollontrack/news/~3/rG9bIpff9qA/
https://www.krollontrack.com/blog/2018/01/26/protect-bitcoin-2/#respondFri, 26 Jan 2018 19:49:04 +0000https://www.krollontrack.com/blog/?p=5493Cryptocurrency has been a very hot topic in the news, especially in the last few months. This is due to the fact that these “currencies” have drastically gone up in value, especially in the last six months. Bitcoin, the digital currency based on blockchain technology, has made a huge increase beginning after July last year with 1 Bitcoin being valued over $20,000 in December. Even though it is now starting …Read More]]>

Cryptocurrency has been a very hot topic in the news, especially in the last few months. This is due to the fact that these “currencies” have drastically gone up in value, especially in the last six months. Bitcoin, the digital currency based on blockchain technology, has made a huge increase beginning after July last year with 1 Bitcoin being valued over $20,000 in December. Even though it is now starting to drop drastically – as of this writing it has lost almost 50 % of its value and is currently being traded around $11,500 – it is worth a lot of money. Compared to 2017 it has gone up by 1342 %, a raise that you will definitely not see in the normally in Wall Street or other stock exchanges. For example, people who bought bitcoins on April, 4th in 2011 have become millionaires.

It’s the reason why many people have recently been trying to find and recover their bitcoins. However, the Deputy Head of Technology of the London-based British newspaper The Telegraph stated two years ago that many bitcoins from the total amount that were mined until that year were already lost. According to an estimation of NVDIA engineer John Ratcliff, almost 30% of all bitcoins created from the introduction of bitcoin in 2009 until 2014 were so-called “Zombie coins.” These coins he is referring to are bitcoins that have not been used for at least 1.5 years. If you take that estimate in regards to the 13.7 million bitcoins that were unlocked until the middle of 2014, a total of 4.11 million bitcoins were not used. The guess is that a lot of these unused bitcoins are gone for good.

There are many stories about people who remember that they had bitcoins but lost their storage media. One person from Newport, South Wales wanted to pay the city to find his discarded hard drive with his private key of 7,500 bitcoins in a waste recycling center. And yet another person who mined 10 bitcoins in 2010, put their bitcoins on an USB stick and forgot about it. When they found out that price had gone up, they were not able to find the stick anymore. And the list goes on and on and on…

With so many bitcoins probably vanished or lost – How should you protect your digital coins?

First, make sure that your bitcoins are stored somewhere safe, away from potential hackers and thieves.

There are currently two possible ways to “possess” bitcoins. The traditional way is to have a bitcoin as a generated code in a so called “bitcoin wallet.” This is the way most people think of a “real” bitcoin. However, a couple of years, changes were made so that you can “possess” a bitcoin by using a bitcoin trading website. These trading sites differ drastically in their legal structure. Some of these platforms just are handling trades of real bitcoins (and other cryptocurrencies) between private individuals.

Some are structured as a bank and you can create an account inside this online financial institution and buy and sell bitcoins there. In reality you never see your bitcoin and you do not really possess a real bitcoin or parts of it that you can use for purchasing or selling real goods (like a simple hamburger). In this case you cannot take your bitcoin and make a purchase in a store witch accepts bitcoin payments or buying illegal goods on the internet. These sites or banks are just for traders.

This means that keeping your bitcoins safe has a lot to do with what do you want your bitcoin for: Using them as a digital currency to pay goods and services or as a way to make quick and easy money by speculating.

For those traders among the readers here, the best advise is to open an account on a secure and reliable bitcoin trading platform, which operates almost like a bank. They will try to take sure of your digital money is safe and no bitcoins getting lost because of hardware failure or hackers trying to steal them.

Remember that this already happened when the MtGox bitcoin exchange became bankrupt in 2014 following many hacking attacks beginning in 2011 and a total loss of 744,408 bitcoins – then $400 million – now worth over $8 billion. And this still happening: A Slovenian bitcoin exchange called NiceHash was hacked in early December 2017 and 4,700 bitcoins were lost.

When you really need your bitcoin as a real digital currency, then here apply the same rules as with every other digital file: Make several digital copies (a.k.a backups) of your bitcoin wallet (wallet.dat) on various storage media. For example, you can make a backup of your wallet on an external hard disk drive, an USB stick, or burn it to a CD. If you have a tape based backup system available, you can use that, too, since you could wait for another 50 years and still recover that bitcoin wallet. Another possibility is to backup your wallet in the cloud on one of the various cloud service providers. But remember to make sure that nobody is able to access your file since we are talking money here.

Another idea is to print out your bitcoin wallet. There is the possibility to create a so-called “paper wallet.” It consists of a public and a private key for each of your bitcoin addresses. The private key is always assigned to a bitcoin address. The wallet is – as the name suggests – like a basket were the private and public keys are stored in and is also referred to as “client software” for bitcoins. If you don’t back up your private key and you lose it, you can no longer access your bitcoin wallet to spend funds.

However you could print out the private key or the whole bitcoin wallet as a paper version and put this piece of paper in a fire-proof safe. This might be the safest variant to keep your bitcoins safe and secure. Here you have to keep in mind, that you need to purchase and use good paper (and more expensive) for the print out, otherwise the ink will vanish after a couple of years.

]]>https://www.krollontrack.com/blog/2018/01/26/protect-bitcoin-2/feed/0https://www.krollontrack.com/blog/2018/01/26/protect-bitcoin-2/http://feedproxy.google.com/~r/TheDataRecoveryBlogByKrollOntrack/~3/neBviqaMf8E/Data Loss Prevention (DLP) vs. Data Losshttp://feedproxy.google.com/~r/krollontrack/news/~3/mhm6agNmjgA/
https://www.krollontrack.com/blog/2018/01/24/data-loss-prevention-dlp-solutions-anything-data-loss/#respondWed, 24 Jan 2018 17:06:57 +0000https://www.krollontrack.com/blog/?p=5470Sometimes marketing experts lead the ordinary computer user (or even IT administrators) in the wrong direction such as with the term Data Loss Prevention (DLP). When you search the internet for tools that prevent data loss in your system, for example, when you suffer a hardware or software failure, you sometimes see this term on your computer screen. But in contrast to what one might think, this term does not have …Read More]]>

Sometimes marketing experts lead the ordinary computer user (or even IT administrators) in the wrong direction such as with the term Data Loss Prevention (DLP). When you search the internet for tools that prevent data loss in your system, for example, when you suffer a hardware or software failure, you sometimes see this term on your computer screen.

But in contrast to what one might think, this term does not have anything to do with what you are searching for. It is a term created by marketers that relates to software packages to secure your system against data leaks and protection against unauthorized entry or use.

About 10 years ago, IT security solutions and their marketers promoted one or many functions of their products as DLP solutions. With these solutions data should be protected against unauthorized access and therefore protect against “data loss,” but what they really mean is that they protect against data leaks.

What these solutions are really designed for is to prevent companies from data theft and/or industrial espionage. Companies today face a serious threat from all kinds of hacking, data theft, ransomware, or other computer, IT, or network related intruders.

The solutions DLP providers offer can either be software or hardware based. Since data security has become a serious neccessity for companies there is a lot of demand for these solutions. Because DLP is not a fixed term, these solutions combine a miscellany of different IT security techniques and measures.

So called DLP suites can technically secure a company against all scenarios of data theft: Reading and writing on all possible storage media (USB-Sticks, HDDs, SSDs etc.) as well as data transfer via emails, file uploads or the internal network can be enabled or disabled. Additionally cut and paste or print screen function can be disabled, too. The main ingredients of a modern DLP solution is encryption of the data, monitoring of all incoming and outgoing (data) traffic and access control to the company network. However some providers offer an all-in-one solutions, while other suites consist of several modules, which can be bought separately.

In the last few years, another technology has also found the way into DLP: The classification of data by content and by the user. Using these two methods the most sensitive data is captured by the DLP. Determining whole data groups as sensitive and adding more data by users makes sure that only a minority of data is not covered by this method. Based on this classification method the adequate security for each data set is then automatically activated by the DLP solution.

Providers of DLP solutions added in the last years security features to protect companies from data leaks by integrating safety features regarding cloud storage and online file storage services such as Microsoft Azure, Dropbox and more.

Additionally, the more advanced DLP solutions come with indexing of data to identify sensitive data, real time monitoring, advanced reporting, flexible data tagging and an easy to use management console. Identifying sensitive data is even more important in regards to the introduction of GDPR (European law on data security) and its tougher regulations in most European countries (and companies dealing with EU countries) and much higher fines.

What DLP really describes is that these solutions aim to protect you from data leakages and not to save your from data loss due to failures, so what most of us describe as a data loss due to hardware or software failures, and where data recovery experts, such as Ontrack, can help the victim, is definitely not meant here!

So when you search for specialists who can recover your lost data in search engines on the internet better use the term “Data Recovery” instead of “Data loss,” and do not get confused with the term “DLP.”

Picture copyright: lichtkunst.73 / pixelio.de

https://www.pixelio.de/media/657033

]]>https://www.krollontrack.com/blog/2018/01/24/data-loss-prevention-dlp-solutions-anything-data-loss/feed/0https://www.krollontrack.com/blog/2018/01/24/data-loss-prevention-dlp-solutions-anything-data-loss/http://feedproxy.google.com/~r/TheDataRecoveryBlogByKrollOntrack/~3/R7yWEp0PcrU/Cybercrime is on the Rise – How to Protect Against Ransomware in 2018http://feedproxy.google.com/~r/krollontrack/news/~3/u-pXzyFyqE4/
https://www.krollontrack.com/blog/2018/01/11/cybercrime-rise-protect-ransomware-2018-2/#respondThu, 11 Jan 2018 20:45:33 +0000https://www.krollontrack.com/blog/?p=5444With 2017 only a few days over, we have to determine this has been the most terrible year in regards to ransomware ever, with severe attacks all over the world. There has never been a year in which attacks caused so many problems worldwide for so many private individuals, companies and federal organizations before. Malwarebytes Labs, a data security firm, states in his latest report that ransomware attacks have risen …Read More]]>

With 2017 only a few days over, we have to determine this has been the most terrible year in regards to ransomware ever, with severe attacks all over the world. There has never been a year in which attacks caused so many problems worldwide for so many private individuals, companies and federal organizations before. Malwarebytes Labs, a data security firm, states in his latest report that ransomware attacks have risen in comparison from 2015 to 2017 by 2000% (!) with last year´s attacks being the worst ever.

The two worst ransomware variants that attacked companies and organizations in 2017 around the globe were NotPetya and WannaCry:

The WannaCry attack caused serious damage around the world in May 2017, when it infested presumably 300.000 computers in 150 countries. It targeted Windows operating systems which were not properly patched or were too old to be patched. The ransomware encrypted the data and demanded bitcoins to be paid. A further spread could have only be stopped by a new Microsoft patch and the detection of an implemented kill switch to prevent further spreading. Why the kill switch was available is still unknown. WannaCry relied heavily on an exploit that was released by the Shadow Brokers (who previously hacked the NSA and made their 0-day-exploits public). One victim was the German railroad, which then had problems with their information terminals, not showing arrivals or departures, but only the WannaCry screen demanding the ransomware money in bitcoins.

NotPetya started off as an Ukranian Tax Software update just one month later in June and infected hundreds of thousands of computers in more than 100 countries all over the world in just a few days. The financial impact was enormous, for example the global pharmaceutical company Merck suffered loss of more than 300 Million $ just in the third quarter of that year alone by this attack.

How come ransomware is having such a huge “success”?

Carbon Black, an anti-malware software solutions provider, released a study in last October identifying an increase of 2.500 % in ransomware software sales in the major dark net market places between 2016 and 2017. According to them more than 6300 sites are currently offering ransomware solutions to carry out your own attack.

With so many tools available in the dark net, it is no wonder that Sophos Labs, a data security software provider based in the UK, projects in his annual security forecast for 2018 an increase of ransomware attacks in 2018. They state that “it is a fair bet that Android and Windows will continue to be heavily targeted with ransomware and other malware, given the success attackers have had thus far”.

And according to the data security analyst and software provider Kapersky Lab even more ransomware attacks will be aimed at companies. From those attacks that they were able to fight off 26.2 % were targeted against firms. This is an increase of 3.6 % compared to 2016. The experts from Kapersky also stated that 65% of the companies that were hit either suffered a severe data loss or were not able to access their files anymore. While Kaspersky doesn’t explicitly predict more ransomware attacks for this year, they warn about more advanced attacks to come for mobile devices and a rise in so called destructive attacks.

What are destructive attacks?

A new breed of ransomware arrived on the scene last year: Ransomware that is actually not a real ransomware, but more of a destruction tool. The ExPetr/NonPetya ransomware late last year appeared as a ransomware, but actually aimed at wiping the data of the victim completely. Kaspersky believes that more of these attacks will happen during this year. And since obviously the attackers are not specifically targeting the victims, everybody is in danger being hit by such a “wiper ransomware”. (Read more on this subject in another article which follows in a few weeks here.)

How to protect effectively against ransomware, malware and other viruses?

While there are many things to consider fighting ransomware. As there are – as laid out before – many different types of these viruses around these days, keep in mind the following three main tips and execute accordingly:

Email security is king! According to Sophos and other experts “Email will remain the primary attack vector threatening corporate cyber security, especially in the case of targeted attacks”. Therefore securing this main factor of vulnerability is essential to everybody, who runs a network or is connected with the internet.

Remember: Most ransomware attacks are triggered by a normal email with an infected attachment such a document, photo, animation, video or any other file. There is not much knowledge needed to insert a piece of malware into a file. In many cases there are many how-to-articles inside or videos on Youtube on how to hide code, so even a school kid can do that nowadays.

With this in mind, opening an email attachment from an unknown sender is AN ABSOLUTE NO-NO! If you are sure that this email is not addressed at you, delete it immediately!!! And also inform your company data security advisor immediately.

If you are unsure, do not open it until you have made a phone call or reached the sender in another way, to check for his identity. Remember even if you are wrong, keeping your companies IT secure and intact is always the right decision.

Make your network and IT environment secure! That one single computer is encrypted by a ransomware is definitely a bad incident, but when a ransomware spreads all over the network it can become not only a nightmare for the IT department, but endanger the whole business!

Companies who did not already have done so, should consider implementing a data security software solution which is especially designed to check all incoming emails before they are delivered from their exchange server to the intended recipient. With such a solution, the risk that a virus spreads over inside a company network is reduced dramatically. Additionally the IT administrators and management should consider implementing another network security software, which automatically monitors the network and its files. Such a solution would send an alarm if a ransomware would try to encrypt files in huge amounts over the network. These solutions also check frequently outgoing traffic, so when the ransomware tries to connect to their external server to start the encryption process, this could be terminated in a pretty early state.

And last but definitely not least: Always update your software and operating systems with the latest patches as they are available. As pointed out so often, hackers only get successful, when the victim offers gaps in his security!

Make your employees smart! We have written about ransomware and malware in our blog before, but what we see, is that in the case of an encryption attack even the most experienced computer users get in panic. Therefore EVERY employee in a company should exactly know what to do, when he gets attacked.

A ransomware attack should not only be part of a business continuity plan for the higher management or the IT experts, but precise tips on what to do, when hit, should be hanging on a piece of paper on the wall in every office. Simple tips – like for example…

disconnect from the internet and internal network

try to properly shut down the device or

immediately call IT security/IT administration

… will be then available in a couple of seconds just by looking at the wall. And can be seen and noticed every single day.

Especially IT security and administration staff alike should always be informed best about the latest developments in cyber security and hacking. Reading the latest blog news, keeping up to date about new developments in this scene and loop holes in network or software solutions should therefore be a necessity for these employees. (Keeping the company secure is what they are paid for, you know, so no excuses here, please…)

What if your data was hit by a ransomware?

If for one or another reason, a ransomware got thru your defense line and data was encrypted, you should do the following:

Never pay the ransom! We do not say that because the law enforcement organization told us to, but because of the simple fact, that you do not have a guarantee that you will get a decryption key by the criminals at all. In many cases – and most definitely if it is a ranscam or wiper you got hit by – you will not get your data back, but only lose an additional sum of money.

Do not try to decrypt your data by yourself if you are not familiar with it. For some older versions there are decryption tools already available on the internet. While for some computer specialists it is possible to recover their data, you have to have some expertise. And it is risky – if something goes wrong, you could destroy your data forever.

Better contact a data recovery specialist like Ontrack, they have all the necessary tools available to rescue your data when possible. And when it is an easy case, it does not take that long and is therefore much cheaper, than to lose data a second time.

How can data recovery experts help in a ransomware case?

Out of the perspective of a data recovery specialist every ransomware case is different. There is not only a big difference in how the ransomware variants – that are currently available – encrypt the data and spread through the network and technological basis, but also in their targets e.g. your computer or network environment. For the attacker it is irrelevant what kind of system the ransomware encrypts if it is successful and the victim pays the ransom. For the data recovery expert however it is not. Some systems and data structures are more challenging and need more time to recover than others. And time means money especially in data recovery. So watch out for ransomware attacks in 2018, otherwise you pay the price either way.

With all these attacks in 2017 ransomware will most likely be a serious threat to both private individuals and companies like in 2018 again! Regardless if the attacker aims for getting money out of this “business” or wants to destroy infrastructures or businesses, they will find gaps in your network, operating system or your data security processes. So the best defense is to have a proper backup procedure in place to make your infrastructure run again as fast as possible.

Therefore it is absolutely necessary to store backups of your business critical data on external storage devices which are not connected to your network and are functional at any given time.

In case your backup is not working or it is infested by a ransomware virus, it is best to contact a professional data recovery service provider who is able to recover both ransomware encrypted or broken backups like Ontrack.

For over 30 years Ontrack specializes in recovering data from all major backup solutions as well as from ransomware infected storages. Over the last years the specialists have gathered the knowhow and developed new tools to currently decrypt 225 different types of ransomware and recover the data. Additionally we are constantly developing new tools and methods for newly created and more advanced types of ransomware.

So if you are hit by a ransomware attack, the best thing to do is to shut down the system and to contact Ontrack immediately. The experts will give you the best advice on how to recover your precious data in your unique ransomware case.

For more information see: https://www.krollontrack.com/services/data-recovery/ransomware/

Picture Copyright: Antje Delater / pixelio.de

https://www.pixelio.de/media/274830

]]>https://www.krollontrack.com/blog/2018/01/11/cybercrime-rise-protect-ransomware-2018-2/feed/0https://www.krollontrack.com/blog/2018/01/11/cybercrime-rise-protect-ransomware-2018-2/http://feedproxy.google.com/~r/TheDataRecoveryBlogByKrollOntrack/~3/HfAJVwYAnMg/Why Data Erasure Matters for GDPRhttp://feedproxy.google.com/~r/krollontrack/news/~3/h7EL2hTPvdA/
https://www.krollontrack.com/blog/2018/01/09/why-data-erasure-matters-for-gdpr-2/#respondTue, 09 Jan 2018 20:18:08 +0000https://www.krollontrack.com/blog/?p=5432The impending date for the introduction of GDPR in May has brought data destruction and erasure strategies to the forefront of corporate strategic thinking. Thanks to potentially punitive fines for non-compliance and responsibility now sitting with the senior leadership team, data storage is now firmly at the top of the agenda in many organizations. Knowing about the issue and taking pragmatic steps to address it are clearly two different things. …Read More]]>

The impending date for the introduction of GDPR in May has brought data destruction and erasure strategies to the forefront of corporate strategic thinking. Thanks to potentially punitive fines for non-compliance and responsibility now sitting with the senior leadership team, data storage is now firmly at the top of the agenda in many organizations.

Knowing about the issue and taking pragmatic steps to address it are clearly two different things. The problem is that organizations don’t always know where their data resides, so responding to subject access requests (SARs) for personal information is set to be a complex, time-consuming and expensive process. Under Article 17 of the GDPR, organizations must be able to prove that they can erase data properly and permanently.

Once an initial data audit is undertaken, (most organizations should be well on the way to completing this process anyway in preparation for the GDPR) the next stage is to get rid of personal data that is no longer relevant, no longer in use for a specific purpose or relates to children under 16.

How to erase data properly

However, just deleting data or reformatting magnetic media (including hard disk drives and tapes) will not be enough to ensure that the wrong personal data does not reside somewhere in the business. If data gets deleted from any media type it can be recovered in many cases, even when hardware is damaged by flood or fire.

Luckily, there are many software solutions available that completely wipe devices so they can be securely reused, resold or recycled. There are also solutions that permanently erase only specific, targeted files. There are of course more permanent erasure solutions such as degaussing which can take magnetic tape storage and render the device completely unreadable (and unusable).

Virtual drives should also be considered as part of any data sanitization process. Third party service providers in particular use virtualized infrastructure to partition storage space across multiple customers in order to achieve economies of scale. Many providers are then faced with the issue of securely deleting targeted areas of their virtual storage infrastructure whilst leaving the rest intact, for example if a customer ends their managed service agreement.

The risks of physical drives

Another big source of risk is physical drives, which tend to be recycled and reused by organizations seeking to contain the cost of storage. Without using the right data erasure tools and software, organizations cannot be sure that sensitive data has been removed before it is redeployed or sent back to the original equipment manufacturer.

In a study of 64 disk drives bought online from locations including the US, Germany, France, Italy, the Asia-Pacific region, Poland and the UK, Kroll Ontrack found that 30 drives still contained traces of personal data.

One of the drives raised particular alarm. It had belonged to a company that used a service provider to erase and resell old drives. Despite that, the drive contained a wealth of highly sensitive information, including user names, home addresses, phone numbers and credit card details. It contained an employee list of around 100 names that included information about work experience, job titles, phone numbers, language abilities, vacation dates and a 1MB offline address book.

The problem extends into the business world, as users access work from their own mobile devices. Six drives in our study were found to contain critical business data such as CAD files, PDFs, JPGs and passwords.

We even found full online store set ups, configuration files and POS training videos in our search of these six drives. A further five contained other work-related data: invoices and purchase orders, much of it including sensitive personal information.

Users are unaware of the risks

In an earlier survey of 2,000 UK consumers, we found that many users are unaware of the risks presented by not backing up data or by recycling their devices properly, with more than one in 10 (11 per cent) admitting they were not sure whether data is permanently deleted when they recycle or throw away old mobile phones, tablets or computers.

Only 32 per cent said that they regularly backed up the data on their electronic devices, leaving 68 per cent risking the loss of personal information and many more leaving data on their device when it is lost, damaged, resold or disposed of.

Forensic investigations

The world has seen a proliferation of gadgets, from smartphones to iPads to voice-activated digital assistants, televisions and fridges that can all record and transmit data. Industrial sensors and CCTV cameras also help to produce data so large and complex that a new approach must be taken to store, secure and erase upon request by individuals.

Computer forensic experts can use data to make or break a criminal case. An example of such a case was when prosecutors found that a murdered woman’s Fitbit data did not match her husband’s alibi. From the locations tracked by the Fitbit and the activity monitor, investigators were able to produce a timeline showing that she was not where her husband said she was at the time of her murder. Richard Dabate is now out on bail pending trial for killing his wife.

The case serves to demonstrate that a determined computer forensics expert will be able to recover data from almost every device, in almost every stage of disrepair. Our many studies over the years into discarded or recycled devices shows a lack of thought is often applied, leaving individuals and the organizations they work for under a severe level of risk.

The GDPR effect

When the new GDPR legislation comes into force, companies in both the private and public sectors will need to prove that data is securely erased in line with the new guidelines and show that they are fully accountable for monitoring, reviewing and assessing relevant processing procedures.

They will need to show a willingness to minimize data processing and unnecessary retention as well as incorporate safeguards for all data-related activities. Many organizations are already viewing the GDPR as a reason to apply best practice management to their data storage strategies. There are several business benefits to putting an end to end erasure policy in place, and not simply because of the new focus in revised European legislation.

Cost – Data storage both physical and virtual is expensive. Being able to erase data securely enables businesses to recycle and re-use storage media without fear of inadvertently placing sensitive data in the hands of others.

Security – The difference between deletion and erasure is often misunderstood and sometimes thought to be the same. It is important for businesses to understand that if data is deleted it is recoverable but if it is erased properly it is irretrievable.

Keeping up to date – The focus on data retention and erasure is not new (PCI DSS, ISO 270001) but as the world becomes more data dependent understandably the sentiments of more focused regulations are being applied to the wider world. GDPR will also cover important aspects like globalization or popular technological developments, such as Facebook, Twitter, Google+ and other social media platforms. The new legislation will encompass all of the new ways of communicating in the digital age – and the subsequent information that’s generated from our interaction with it.

In our experience, it seems data protection professionals are on the whole well-informed about the new GDPR legislation. The challenge for them is to bridge the gap between theoretical requirements and the practicalities of implementation, as well as the impact this will have on the businesses they work for. This includes the ability to erase data securely and with an auditable process.

Conversely there are still a large number of organizations that have not assigned the tasks associated with data protection within their business, be it to an individual data protection officer or a group of individuals. For those businesses time is well and truly running out

]]>https://www.krollontrack.com/blog/2018/01/09/why-data-erasure-matters-for-gdpr-2/feed/0https://www.krollontrack.com/blog/2018/01/09/why-data-erasure-matters-for-gdpr-2/http://feedproxy.google.com/~r/TheDataRecoveryBlogByKrollOntrack/~3/1yb48KWbwE4/How to Backup Data from a Smartphone – Part 1http://feedproxy.google.com/~r/krollontrack/news/~3/wpTqS0_SoEk/
https://www.krollontrack.com/blog/2017/12/28/backup-data-smartphone/#respondThu, 28 Dec 2017 16:10:50 +0000https://www.krollontrack.com/blog/?p=5419During this holiday season, many new smartphones will be given as gifts. To transfer the data from the “old” device to the new one, a backup of the data and a subsequent restore on the new device helps. Of course, a backup should not only be used to set up a newly received or purchased smartphone, but with personal and business data stored on these devices today, backups should be …Read More]]>

During this holiday season, many new smartphones will be given as gifts. To transfer the data from the “old” device to the new one, a backup of the data and a subsequent restore on the new device helps. Of course, a backup should not only be used to set up a newly received or purchased smartphone, but with personal and business data stored on these devices today, backups should be created often. Unfortunately, a backup is rarely made from our little all-purpose helpers. And unfortunately, creating a backup is not that easy if you have a smartphone with Android operating system.

iPhone Backup

For iPhone users, the task is fairly straightforward. You connect your iPhone to a Wi-Fi and Internet network and then tap on “iCloud” (You will find the iCloud in iOS 10.2 or older in the settings). Afterwards, tap on “iCloud backup” or “Backup”, then select “Back Up Now.”

Android Backup

Unfortunately, with Android smartphones, more effort is necessary. If you did not create your own Google Account during the setup process of your phone for the first time or you do not have a Gmail account, make one directly at Google. Now look in the settings on your smartphone (gear icon) the item “Backup & reset” and here you can save a lot of data including Wi-Fi passwords, contacts, calendar data and emails sent or received via Gmail. You activate “Back up my data” and “Automatic restore.” Under “Backup account” you can see the account used for the backup – or you select the desired account from several entries. Back in Settings, open “Accounts” and select “Google.” Click on your Google account and then click on the data to be backed up – in Android this process is called “synchronize.”

To back up photos and videos, open the Google Photos app (preinstalled on all Android phones). At the top left you will find the three dashes that lead to the settings. Sign in to your Google Account. Then go back to the app’s home screen, click on “Settings”, then “Back up & sync” and “Back Up.”

But what about backing up content from other programs?

As an example, here is how you create a backup of your WhatsApp communication. You can back up your WhatsApp chats in the app via the three dots in the top right > Settings> Chats> Chat backup. After saving, connect the smartphone via an USB cable to your PC. On your small smartphone screen, a selection menu appears at best, in which you select “Transfer data.”

But since each manufacturer “cooks his own soup” and presents the Android operating system its own “wallpaper,” it may be that you have to select the possibility of data transfer in a separate menu. Find out where to find this function in the manual of your smartphone or on the website of its manufacturer.

If the file structure of the smartphone is displayed on your PC, copy the “WhatsApp” folder to your hard disk. To copy your WhatsApp correspondence to a new smartphone, you must install the app there (without opening it!). Then copy the contents of the backed up WhatsApp folder to the WhatsApp folder on your new device and start the app. Et Viola!

Here’s another tip: After a smartphone crash, typically the touchscreen is broken and can no longer be operated with a finger. As a remedy, you can connect a normal optical mouse to the phone, as long as the device is capable of USB-OTG (On-the-Go), which should be the case from Android 3.1 and up. With the help of a cable “Micro-USB plug to USB socket” or “Mini-USB plug to USB socket,” depending on the type of connection with your smartphone, you can do almost all the actions you previously were able to with the mouse. That the mouse pointer is possibly really tiny, is not much of a problem – at least you have control over your smartphone again.

In the second part of our article series on smartphone backups, we’ll discuss the special backup programs that can make your life easier when dealing with mobile phones and tablets.

]]>https://www.krollontrack.com/blog/2017/12/28/backup-data-smartphone/feed/0https://www.krollontrack.com/blog/2017/12/28/backup-data-smartphone/http://feedproxy.google.com/~r/TheDataRecoveryBlogByKrollOntrack/~3/siEPFwU6dcI/Tape Destruction Explainedhttp://feedproxy.google.com/~r/krollontrack/news/~3/1tXSOMOO774/
https://www.krollontrack.com/blog/2017/12/14/tape-destruction-explained-2/#respondThu, 14 Dec 2017 20:06:06 +0000https://www.krollontrack.com/blog/?p=5399Contrary to popular opinion, magnetic tapes are not dead and still have a role in modern IT. Many businesses that do not use an archiving solution store their backup data on tapes. Businesses choose this option because it’s cost effective. The tapes are then kept onsite at a company facility or at an external tape storage provider. These tapes are kept until the retention period has expired, which in some …Read More]]>

Contrary to popular opinion, magnetic tapes are not dead and still have a role in modern IT. Many businesses that do not use an archiving solution store their backup data on tapes. Businesses choose this option because it’s cost effective. The tapes are then kept onsite at a company facility or at an external tape storage provider. These tapes are kept until the retention period has expired, which in some cases can be longer than 25 years.

When time is up

After this retention period has expired, have you ever wondered what the proper methods are to destroy and recycle magnetic tapes? Or why is this important? There are several common methods of destroying tape data, but the security and reliability of these methods vary.

Is shredding a secure method of destruction?

Shredding tapes, if done properly, is the best way of making sure that the data is gone for good. If the shredding is not done correctly, technically it is possible for the tape to be pieced back together and data recovered, though in reality the chances of this (especially with modern tape, LTO specifically) are slim to none.

High risk

There is a high risk that data recovery is more likely the older the tapes are. Even after the media has been shredded, if there are longer lengths of tape still present, there is a good chance the data can be pieced back together.

What to do?

In order to be completely certain that your data has been destroyed securely, using a degausser is your most reliable method of destruction. A degausser will make the data unreadable, and in some cases, unusable. There are chips inside some tape types, and if these are damaged by the degausser, the media will not be unusable after that. But again, we must preface that some older media will be reusable after it has been degaussed.

How does it work?

The degausser works by passing a powerful magnetic field through the media, this either totally removes the film coating on the media, for tape this is usually iron oxide, or scrambles this coating so that the tape drive can no longer read the data that is written to it. Once the film has been removed, or the data scrambled, there is no way to piece this back together, making any attempts at data recovery impossible.

High importance

So always keep in mind: Without seeking secure destruction of tapes you put your company’s data at risk of restoration.